Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

openvpn: support for updating systemd-resolved with DNS servers #58800

Merged
merged 1 commit into from Apr 28, 2019
Merged

openvpn: support for updating systemd-resolved with DNS servers #58800

merged 1 commit into from Apr 28, 2019

Conversation

peterhoeg
Copy link
Member

@peterhoeg peterhoeg commented Apr 2, 2019
edited

Motivation for this change

With this PR, a script can be triggered when an OpenVPN connection is made that will configure the DNS for systemd-resolved. Short version: if you need to do DNS over an OpenVPN tunnel that you run directly by invoking openvpn, you need this.

There is no change to the openvpn binary itself, so there is no risk of breaking anything.

Without this PR:

Link 20 (tun0)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no

With this PR:

Link 20 (tun0)
      Current Scopes: DNS LLMNR/IPv4 LLMNR/IPv6
       LLMNR setting: yes
MulticastDNS setting: no
  DNSOverTLS setting: no
      DNSSEC setting: no
    DNSSEC supported: no
  Current DNS Server: 10.10.1.63
         DNS Servers: 10.10.1.63
          DNS Domain: some.other.domain.tld

Cc: @viric

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nix-review --run "nix-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Assured whether relevant documentation is up to date
  • Fits CONTRIBUTING.md.

@GrahamcOfBorg GrahamcOfBorg requested a review from viric April 2, 2019 14:46
@peterhoeg peterhoeg merged commit 8f81838 into NixOS:master Apr 28, 2019
@peterhoeg peterhoeg deleted the f/openvpn branch April 28, 2019 13:54
@peterhoeg peterhoeg restored the f/openvpn branch April 28, 2019 14:24
@peterhoeg peterhoeg deleted the f/openvpn branch April 29, 2019 07:41
@peterhoeg peterhoeg restored the f/openvpn branch April 30, 2019 01:16
@peterhoeg peterhoeg deleted the f/openvpn branch April 30, 2019 09:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viric viric Awaiting requested review from viric

Assignees
No one assigned
Labels
10.rebuild-darwin: 1-10 10.rebuild-linux: 11-100
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@peterhoeg @GrahamcOfBorg